Merge branch 'main' into ac/pm-35351/post-public-members-no-longer-works-on-self-hosts

Author: r-tome

.github/renovate.json5

@@ -125,6 +125,7 @@
         "AutoMapper.Extensions.Microsoft.DependencyInjection",
         "AWSSDK.SimpleEmail",
         "AWSSDK.SQS",
+        "Azure.Storage.Blobs.Batch",
         "Handlebars.Net",
         "MailKit",
         "Microsoft.Azure.NotificationHubs",

.github/workflows/publish.yml

@@ -95,11 +95,13 @@ jobs:
           - project_name: Sso
     steps:
       - name: Print environment
+        env:
+          DRY_RUN: ${{ inputs.dry_run }}
         run: |
           whoami
           echo "GitHub ref: $GITHUB_REF"
           echo "GitHub event: $GITHUB_EVENT"
-          echo "Dry Run: ${{ inputs.dry_run }}"
+          echo "Dry Run: $DRY_RUN" 
 
       - name: Set up project name
         id: setup

Directory.Build.props

@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>net8.0</TargetFramework>
 
-    <Version>2026.4.0</Version>
+    <Version>2026.4.1</Version>
 
     <RootNamespace>Bit.$(MSBuildProjectName)</RootNamespace>
     <ImplicitUsings>enable</ImplicitUsings>

src/Core/AdminConsole/OrganizationFeatures/Organizations/OrganizationDeleteCommand.cs

@@ -7,6 +7,7 @@
 using Bit.Core.Exceptions;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
+using Bit.Core.Tools.Services;
 using Bit.Core.Vault.Services;
 using Microsoft.Extensions.Logging;
 
@@ -21,6 +22,7 @@ public class OrganizationDeleteCommand : IOrganizationDeleteCommand
     private readonly ICipherService _cipherService;
     private readonly ISubscriberService _subscriberService;
     private readonly IFeatureService _featureService;
+    private readonly ISendFileStorageService _sendFileStorageService;
     private readonly ILogger<OrganizationDeleteCommand> _logger;
 
     public OrganizationDeleteCommand(
@@ -31,6 +33,7 @@ public OrganizationDeleteCommand(
         ICipherService cipherService,
         ISubscriberService subscriberService,
         IFeatureService featureService,
+        ISendFileStorageService sendFileStorageService,
         ILogger<OrganizationDeleteCommand> logger)
     {
         _applicationCacheService = applicationCacheService;
@@ -40,6 +43,7 @@ public OrganizationDeleteCommand(
         _cipherService = cipherService;
         _subscriberService = subscriberService;
         _featureService = featureService;
+        _sendFileStorageService = sendFileStorageService;
         _logger = logger;
     }
 
@@ -70,6 +74,7 @@ public async Task DeleteAsync(Organization organization)
             }
         }
 
+        await _sendFileStorageService.DeleteFilesForOrganizationAsync(organization.Id);
         await _cipherService.DeleteAttachmentsForOrganizationAsync(organization.Id);
         await _organizationRepository.DeleteAsync(organization);
         await _applicationCacheService.DeleteOrganizationAbilityAsync(organization.Id);

src/Core/Billing/Services/Implementations/LicensingService.cs

@@ -31,7 +31,10 @@ namespace Bit.Core.Billing.Services;
 
 public class LicensingService : ILicensingService
 {
-    private readonly X509Certificate2 _certificate;
+    private const string _productionCertThumbprint = "‎B34876439FCDA2846505B2EFBBA6C4A951313EBE";
+    private const string _developmentCertThumbprint = "207E64A231E8AA32AAF68A61037C075EBEBD553F";
+    private readonly X509Certificate2 _creationCertificate;
+    private readonly HashSet<X509Certificate2> _verificationCertificates;
     private readonly IGlobalSettings _globalSettings;
     private readonly IUserRepository _userRepository;
     private readonly IOrganizationRepository _organizationRepository;
@@ -63,31 +66,63 @@ public LicensingService(
         _userLicenseClaimsFactory = userLicenseClaimsFactory;
         _pushNotificationService = pushNotificationService;
 
-        var certThumbprint = environment.IsDevelopment() ?
-            "207E64A231E8AA32AAF68A61037C075EBEBD553F" :
-            "‎B34876439FCDA2846505B2EFBBA6C4A951313EBE";
+
+        // Load license creation cert
+        var creationCertThumbprint = environment.IsDevelopment() ? _developmentCertThumbprint : _productionCertThumbprint;
+        _verificationCertificates = new HashSet<X509Certificate2>();
         if (_globalSettings.SelfHosted)
         {
-            _certificate = CoreHelpers.GetEmbeddedCertificateAsync(environment.IsDevelopment() ? "licensing_dev.cer" : "licensing.cer", null)
-                .GetAwaiter().GetResult();
+            X509Certificate2 devCert = null;
+            X509Certificate2 prodCert = CoreHelpers.GetEmbeddedCertificateAsync("licensing.cer", null).GetAwaiter().GetResult();
+
+            if (environment.IsDevelopment())
+            {
+                devCert = CoreHelpers.GetEmbeddedCertificateAsync("licensing_dev.cer", null).GetAwaiter().GetResult();
+                _creationCertificate = devCert;
+                // All self host envs accept prod cert. Creation cert added below to handle dev self-hosts
+                _verificationCertificates.Add(prodCert);
+            }
+            else
+            {
+                _creationCertificate = prodCert;
+            }
+
+            // non-production environments can use dev cert-generated licenses
+            if (!environment.IsProduction())
+            {
+                devCert ??= CoreHelpers.GetEmbeddedCertificateAsync("licensing_dev.cer", null).GetAwaiter().GetResult();
+                _verificationCertificates.Add(devCert);
+            }
         }
         else if (CoreHelpers.SettingHasValue(_globalSettings.Storage?.ConnectionString) &&
             CoreHelpers.SettingHasValue(_globalSettings.LicenseCertificatePassword))
         {
-            _certificate = CoreHelpers.GetBlobCertificateAsync(globalSettings.Storage.ConnectionString, "certificates",
+            _creationCertificate = CoreHelpers.GetBlobCertificateAsync(globalSettings.Storage.ConnectionString, "certificates",
                 "licensing.pfx", _globalSettings.LicenseCertificatePassword)
                 .GetAwaiter().GetResult();
         }
         else
         {
-            _certificate = CoreHelpers.GetCertificate(certThumbprint);
+            _creationCertificate = CoreHelpers.GetCertificate(creationCertThumbprint);
         }
+        // Creation cert can always be used to verify
+        _verificationCertificates.Add(_creationCertificate);
 
-        if (_certificate == null || !_certificate.Thumbprint.Equals(CoreHelpers.CleanCertificateThumbprint(certThumbprint),
+        if (_creationCertificate == null || !_creationCertificate.Thumbprint.Equals(CoreHelpers.CleanCertificateThumbprint(creationCertThumbprint),
             StringComparison.InvariantCultureIgnoreCase))
         {
             throw new Exception("Invalid licensing certificate.");
         }
+        var allowedThumbprints = new HashSet<string>(StringComparer.OrdinalIgnoreCase)
+        {
+            CoreHelpers.CleanCertificateThumbprint(_productionCertThumbprint),
+            CoreHelpers.CleanCertificateThumbprint(_developmentCertThumbprint)
+        };
+        if (_verificationCertificates is null || _verificationCertificates.Count == 0
+            || _verificationCertificates.Any(c => !allowedThumbprints.Contains(c.Thumbprint)))
+        {
+            throw new Exception("Invalid license verifying certificate.");
+        }
 
         if (_globalSettings.SelfHosted && !CoreHelpers.SettingHasValue(_globalSettings.LicenseDirectory))
         {
@@ -132,7 +167,7 @@ public async Task ValidateOrganizationsAsync()
                     continue;
                 }
 
-                if (string.IsNullOrWhiteSpace(license.Token) && !license.VerifySignature(_certificate))
+                if (string.IsNullOrWhiteSpace(license.Token) && !_verificationCertificates.Any(c => license.VerifySignature(c)))
                 {
                     await DisableOrganizationAsync(org, license, "Invalid signature.");
                     continue;
@@ -231,7 +266,7 @@ private async Task<bool> ProcessUserValidationAsync(User user)
             return false;
         }
 
-        if (string.IsNullOrWhiteSpace(license.Token) && !license.VerifySignature(_certificate))
+        if (string.IsNullOrWhiteSpace(license.Token) && !_verificationCertificates.Any(c => license.VerifySignature(c)))
         {
             await DisablePremiumAsync(user, license, "Invalid signature.");
             return false;
@@ -271,7 +306,7 @@ public bool VerifyLicense(ILicense license)
     {
         if (string.IsNullOrWhiteSpace(license.Token))
         {
-            return license.VerifySignature(_certificate);
+            return _verificationCertificates.Any((c) => license.VerifySignature(c));
         }
 
         try
@@ -288,12 +323,12 @@ public bool VerifyLicense(ILicense license)
 
     public byte[] SignLicense(ILicense license)
     {
-        if (_globalSettings.SelfHosted || !_certificate.HasPrivateKey)
+        if (_globalSettings.SelfHosted || !_creationCertificate.HasPrivateKey)
         {
             throw new InvalidOperationException("Cannot sign licenses.");
         }
 
-        return license.Sign(_certificate);
+        return license.Sign(_creationCertificate);
     }
 
     private UserLicense ReadUserLicense(User user)
@@ -341,7 +376,7 @@ public ClaimsPrincipal GetClaimsPrincipalFromLicense(ILicense license)
         var validationParameters = new TokenValidationParameters
         {
             ValidateIssuerSigningKey = true,
-            IssuerSigningKey = new X509SecurityKey(_certificate),
+            IssuerSigningKeys = _verificationCertificates.Select(c => new X509SecurityKey(c)),
             ValidateIssuer = true,
             ValidIssuer = "bitwarden",
             ValidateAudience = true,
@@ -393,7 +428,7 @@ private string GenerateToken(List<Claim> claims, string audience)
             claims.Add(new Claim(JwtClaimTypes.JwtId, Guid.NewGuid().ToString()));
         }
 
-        var securityKey = new RsaSecurityKey(_certificate.GetRSAPrivateKey());
+        var securityKey = new RsaSecurityKey(_creationCertificate.GetRSAPrivateKey());
         var tokenDescriptor = new SecurityTokenDescriptor
         {
             Subject = new ClaimsIdentity(claims),

src/Core/Core.csproj

@@ -32,13 +32,14 @@
     <PackageReference Include="Microsoft.AspNetCore.DataProtection" Version="8.0.10" />
     <PackageReference Include="Azure.Messaging.ServiceBus" Version="7.20.1" />
     <PackageReference Include="Azure.Storage.Blobs" Version="12.26.0" />
+    <PackageReference Include="Azure.Storage.Blobs.Batch" Version="12.23.0" />
     <PackageReference Include="Azure.Storage.Queues" Version="12.24.0" />
     <PackageReference Include="BitPay.Light" Version="1.0.1907" />
     <PackageReference Include="DuoUniversal" Version="1.3.1" />
     <PackageReference Include="DnsClient" Version="1.8.0" />
     <PackageReference Include="Fido2.AspNet" Version="3.0.1" />
     <PackageReference Include="Handlebars.Net" Version="2.1.6" />
-    <PackageReference Include="MailKit" Version="4.15.0" />
+    <PackageReference Include="MailKit" Version="4.16.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.10" />
     <PackageReference Include="Microsoft.Azure.Cosmos" Version="3.52.0" />
     <PackageReference Include="Microsoft.Azure.NotificationHubs" Version="4.2.0" />

src/Core/Services/Implementations/UserService.cs

@@ -30,6 +30,7 @@
 using Bit.Core.Platform.Push;
 using Bit.Core.Repositories;
 using Bit.Core.Settings;
+using Bit.Core.Tools.Services;
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Caching.Distributed;
@@ -69,6 +70,7 @@ public class UserService : UserManager<User>, IUserService
     private readonly IPricingClient _pricingClient;
     private readonly IHasPremiumAccessQuery _hasPremiumAccessQuery;
     private readonly ISubscriberService _subscriberService;
+    private readonly ISendFileStorageService _sendFileStorageService;
 
     public UserService(
         IUserRepository userRepository,
@@ -102,7 +104,8 @@ public UserService(
         IPolicyRequirementQuery policyRequirementQuery,
         IPricingClient pricingClient,
         IHasPremiumAccessQuery hasPremiumAccessQuery,
-        ISubscriberService subscriberService)
+        ISubscriberService subscriberService,
+        ISendFileStorageService sendFileStorageService)
         : base(
               store,
               optionsAccessor,
@@ -141,6 +144,7 @@ public UserService(
         _pricingClient = pricingClient;
         _hasPremiumAccessQuery = hasPremiumAccessQuery;
         _subscriberService = subscriberService;
+        _sendFileStorageService = sendFileStorageService;
     }
 
     public Guid? GetProperUserId(ClaimsPrincipal principal)
@@ -237,6 +241,7 @@ public override async Task<IdentityResult> DeleteAsync(User user)
                     var orgCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(org.Id);
                     if (orgCount <= 1)
                     {
+                        await _sendFileStorageService.DeleteFilesForUserAsync(user.Id);
                         await _organizationRepository.DeleteAsync(org);
                         deletedOrg = true;
                     }
@@ -281,6 +286,7 @@ await _subscriberService.CancelSubscription(
             catch (BillingException) { }
         }
 
+        await _sendFileStorageService.DeleteFilesForUserAsync(user.Id);
         await _userRepository.DeleteAsync(user);
         await _pushService.PushLogOutAsync(user.Id);
         return IdentityResult.Success;

src/Core/Services/Play/Implementations/PlayIdService.cs

@@ -8,6 +8,8 @@ public class PlayIdService(IHostEnvironment hostEnvironment) : IPlayIdService
     public bool InPlay(out string playId)
     {
         playId = PlayId ?? string.Empty;
-        return !string.IsNullOrEmpty(PlayId) && hostEnvironment.IsDevelopment();
+        var hasPlayId = !string.IsNullOrEmpty(playId);
+        var isNotProd = !hostEnvironment.IsProduction();
+        return hasPlayId && isNotProd;
     }
 }

src/Core/Services/Play/Implementations/PlayIdSingletonService.cs

@@ -35,7 +35,7 @@ public string? PlayId
 
     public bool InPlay(out string playId)
     {
-        if (hostEnvironment.IsDevelopment())
+        if (!hostEnvironment.IsProduction())
         {
             return Current.InPlay(out playId);
         }

src/Core/Tools/Repositories/ISendRepository.cs

@@ -23,6 +23,18 @@ public interface ISendRepository : IRepository<Send, Guid>
     /// </returns>
     Task<ICollection<Send>> GetManyByUserIdAsync(Guid userId);
 
+    /// <summary>
+    /// Loads all <see cref="Send"/>s owned by an organization.
+    /// </summary>
+    /// <param name="organizationId">
+    /// Identifies the organization.
+    /// </param>
+    /// <returns>
+    /// A task that completes once the <see cref="Send"/>s have been loaded.
+    /// The task's result contains the loaded <see cref="Send"/>s.
+    /// </returns>
+    Task<ICollection<Send>> GetManyByOrganizationIdAsync(Guid organizationId);
+
     /// <summary>
     /// Loads <see cref="Send"/>s scheduled for deletion.
     /// </summary>
@@ -35,6 +47,30 @@ public interface ISendRepository : IRepository<Send, Guid>
     /// </returns>
     Task<ICollection<Send>> GetManyByDeletionDateAsync(DateTime deletionDateBefore);
 
+    /// <summary>
+    /// Loads file-type <see cref="Send"/>s created by a user.
+    /// </summary>
+    /// <param name="userId">
+    /// Identifies the user.
+    /// </param>
+    /// <returns>
+    /// A task that completes once the <see cref="Send"/>s have been loaded.
+    /// The task's result contains the loaded file-type <see cref="Send"/>s.
+    /// </returns>
+    Task<ICollection<Send>> GetManyFileSendsByUserIdAsync(Guid userId);
+
+    /// <summary>
+    /// Loads file-type <see cref="Send"/>s owned by an organization.
+    /// </summary>
+    /// <param name="organizationId">
+    /// Identifies the organization.
+    /// </param>
+    /// <returns>
+    /// A task that completes once the <see cref="Send"/>s have been loaded.
+    /// The task's result contains the loaded file-type <see cref="Send"/>s.
+    /// </returns>
+    Task<ICollection<Send>> GetManyFileSendsByOrganizationIdAsync(Guid organizationId);
+
     /// <summary>
     /// Updates encrypted data for sends during a key rotation
     /// </summary>